Presented: Tuesday May 5, 2015
Presenters: Kamal Janardhan, Group Program Manager Microsoft
Compliance and Governance
- Organizations are under attack - there is money and value globally to your information
- Changes is the only constant
- You are required to prove compliance - the leaders of business are responsible and accountable
- You want insights and alerting
You own your data; we/Microsoft are the guardians of it!
- Pervasive to protect
- Transparent to enable and extend
- People centric for productivity
- Years ago the best way to be compliant was to have no users - this has its obvious downsides
"He who sacrifices productivity for compliance deserves neither."
What you may be doing today…
- SharePoint/OneDrive
- Exchange
- Lync/Skype for Business
- Compliance and Governance Solutions
- Social, IM (FB, Facebook, etc.)
- Third Party Archives
Office 365 Compliance Center - Piece Of Mind
NOW AVAILABLE:Fastest way to ingest data into the Office 365 Service - Ship a drive with content (ex. PST files) to Microsoft to connect up to your service.
Compliance Center provides a single definition of policy that applies to all Office 365 workloads and applications.
Microsoft wants to build a partner ecosystem around compliance where partners can incorporate more data and solutions for Office 365 compliance.
- Ex. pharmaceutical records management, medical records management, health care compliance requirements
Compliance Center - where does it fit into this story?
- One experience across all workflows (EXO, SPO, Skype for Business, etc.)
- When I define a policy that says I don't want content that's sensitive to be shared outside the organization I want that policy applied consistently across all workloads and applications.
- Consistent Governance (preservation, delete, device, protection, DLP)
- Insights and Alerts for security and compliance
On Premise
- Cloud Connect
- On premises can still have compliance features in the cloud
- Cloud based compliance center, auditing, analyze with Equivio, DLP and more
- Pure On Premises - have a set of features that enable that
Archiving
- Easy to ingest
- Partner preview coming up: ability to ingest data from 3rd parties (Facebook, twitter, IM, Yahoo, Bloomberg) and rehydration from archives
- Coming soon: Drives from documents
- All storage you need
- Store and access - preserve what you need, delete what you don't
- Announcements:
- Office 365 archives will grow indefinitely
- Public folders preservation
- Document deletion in SharePoint - set a policy on a SharePoint site based on some criteria that will let you delete or preserve information within the site automatically (outside of Information Management Policies in content types)
- Coming soon: Compliance for modern groups and Yammer
DEMO: Drive Shipping Feature
- Click on Import tab and start the Archiving Import Wizard
eDiscovery is Microsoft's term for Compliance Search
- Search and refine with compliance search; one search for all data types; search based on metadata and index
- Need to have search in the context of where data is created
Microsoft acquired Equivio in Jan 2015 (Equivio Zoom)
- Will show Equivio running on Azure
- Can sign up for customer preview to use it
Granular Search Permissions
- Restrict who can search
- Restrict by data range when they can search
DEMO: Compliance Search
- Enter name of search
- Can select to search mailboxes or sites
- Enter keywords to search
- Can search Facebook posts or Twitter feeds
- Narrowed down search results and then previewed each item
Equivio Zoom
- Can generate a set of themes
- Can analyze overlap in themes
Office 365 Data Loss Prevention
- Announced today: policy tips in SharePoint and OneDrive for business in preview
- This is the concept of defining policies once and having them apply to all workloads, all apps, all devices
DEMO: DLP, Policy Management and Device Protection
- When creating a DLP policy you can today select SharePoint Online and OneDrive for business - in future will be able to select Exchange and other services
- Created a low count and a high count rule for UK PII policy - triggers rule based on number of national insurance numbers
- Many actions to select if policy is triggered:
- Send notification
- Email notification content
- Policy tip
- Override options
- Have policy reports go to the infosec team
- Can have policies on, off or on in TEST mode
DEMO: MDM
- Creating a new device security policy
- can specify the base requirements that a device must meet to connect to Office 365
- Can then control various aspects of the device
- Can select an Azure AD group that you wish to apply the policy to
DEMO: Auditing
- New audit pipeline to capture all O365 activity
- Correlation and search across content that is person and content centric
- Search, stream and export using new O365 Management Activity API
- Office 365 activity report will replace the AD report and Exchange reports already there
- Filter by date, filter by action, filter by user(s), filter by file or folder
- This report is about investigating an issue
- Can export output of activity report
- Supervisory review
- Drive shipping for documents and other data types (+partners)
- Ingestion for social, IM, financials, etc. (+Partners)
- Analyze with O365 search + Equivio
- Compliance center experiences
- Audit reporting experiences
- Alerting and anomaly detection (+Partners)
- Device protection for Windows 10, Lync, OneNote, Outlook, etc.
-Antonio
No comments:
Post a Comment